PERFORCE change 156625 for review

Robert Watson rwatson at FreeBSD.org
Sat Jan 24 14:35:07 PST 2009


http://perforce.freebsd.org/chv.cgi?CH=156625

Change 156625 by rwatson at rwatson_freebsd_capabilities on 2009/01/24 22:34:21

	The capability-mode rtld-elf behaves a bit differently: we pass
	the binary to execute as file descriptor 3, which rtld will map
	and then execute.  Do this by mocking up an AT_EXECFD ELF
	auxiliary argument -- let's see if this long-unused code in rtld
	works.

Affected files ...

.. //depot/projects/trustedbsd/capabilities/src/libexec/rtld-elf/rtld.c#5 edit

Differences ...

==== //depot/projects/trustedbsd/capabilities/src/libexec/rtld-elf/rtld.c#5 (text+ko) ====

@@ -304,6 +304,10 @@
 func_ptr_type
 _rtld(Elf_Addr *sp, func_ptr_type *exit_proc, Obj_Entry **objp)
 {
+#ifdef IN_RTLD_CAP
+    struct stat sb;
+    Elf_Auxinfo aux_execfd;
+#endif
     Elf_Auxinfo *aux_info[AT_COUNT];
     int i;
     int argc;
@@ -342,10 +346,32 @@
 	    aux_info[auxp->a_type] = auxp;
     }
 
+#ifdef IN_RTLD_CAP
+    /*
+     * In capability mode, the kernel has executed ld-elf-cap.so directly,
+     * and the parent has passed the executable it wants us to run as a file
+     * descriptor.  The kernel doesn't know this, so rewrite our auxilary
+     * arguments so the remainder of rtld thinks the kernel passed the file
+     * descriptor using AT_EXECFD.
+     */
+    if (aux_info[AT_EXECFD] == NULL) {
+	bzero(&aux_execfd, sizeof(aux_execfd));
+	aux_execfd.a_type = AT_EXECFD;
+	aux_execfd.a_un.a_val = 3;
+	aux_info[AT_EXECFD] = &aux_execfd;
+	if (fstat(3, &sb) < 0) {
+	    __progname = "ld-elf-cap.so";
+	    _rtld_error("executable file descriptor unusable");
+	    die();
+	}
+    }
+#endif
+
     /* Initialize and relocate ourselves. */
     assert(aux_info[AT_BASE] != NULL);
     init_rtld((caddr_t) aux_info[AT_BASE]->a_un.a_ptr);
 
+    /* XXXRW: Need to do something about program names in capability mode. */
     __progname = obj_rtld.path;
     argv0 = argv[0] != NULL ? argv[0] : "(null)";
     environ = env;
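Review bot: The `fstat(3, &sb)` check in the `IN_RTLD_CAP` block only proves that descriptor 3 is open; `sb` is never inspected in the visible lines, so a directory, socket or pipe inherited from the parent is accepted as the executable and would presumably only be rejected later, when rtld tries to map it. Rejecting it here keeps the failure at the point where the parent's input is first trusted: `if (fstat(3, &sb) < 0 || !S_ISREG(sb.st_mode)) {`. The literal 3 appears twice (in `a_un.a_val` and in the `fstat` call) and would be safer as a single named constant so the two cannot drift apart. The block also runs before the "Initialize and relocate ourselves" step, so the write to the global `__progname` on the error path may not be safe that early; this is worth confirming. `_rtld` starts before this hunk and continues past it.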
@@ -527,23 +553,6 @@
     return (func_ptr_type) obj_main->entry;
 }
 
-#ifdef IN_RTLD_CAP
-/*
- * If we are ld-elf-cap.so, then we are directly executed using fexecve(2)
- * and will need to behave a bit differently:
- *
- * (1) The ELF auxilary arguments are for our own binary.
- * (2) The main binary we want to execute will be passed as a file descriptor
- *     so we'll mock up AT_COUNT.
- */
-int
-_rtld_cap_start(int argc, char *argv[])
-{
-
-	_exit(0);
-}
-#endif
-
 Elf_Addr
 _rtld_bind(Obj_Entry *obj, Elf_Size reloff)
 {

